How it Works
Symbol
Loading...
WS 2000

Symbol WS 2000 System Reference Manual

WS 2000 Wireless Switch
System Reference
Contents
Chapter 1. Product Overview
WS 2000 Wireless Switch System Reference Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-2
About this Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-2
Document Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Management of Access Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-3
Hardware Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4
Technical Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-4
WS 2000 Wireless Switch LED Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5
Software Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-6
Operating System (OS) Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-6
Cell Controller Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-6
Gateway Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-6
Chapter 2. Getting Started
Getting Started with the WS 2000 Wireless Switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-2
Enable Subnet1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5
Communicating with the Outside World . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-7
Setting Up Point-to-Point over Ethernet (PPPoE) Communication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-8
Wireless Summary Area . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-9
Setting the Authentication Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-10
Setting the Encryption Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-10
Mobile Unit Access Control List (ACL). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-11
Where to Go from Here? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-12
WS 2000 Wireless Switch System Reference GuideTOC-2
Chapter 3. LAN/Subnet Configuration
Enabling Subnets for the LAN Interface. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-2
Defining Subnets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-2
Configuring Subnets . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-3
The DHCP Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-4
Advanced DHCP Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-5
Configuring Subnet Access. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-5
The Access Overview Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-6
The Access Exception Area . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-6
Advanced Subnet Access Settings. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-8
Virtual LAN (VLAN) Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3-11
Chapter 4. WAN Configuration
Configuring the WAN Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-2
Communicating with the Outside World . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-2
Setting Up Point-to-Point over Ethernet (PPPoE) Communication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-3
Configuring the WS 2000 Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-4
Disabling the Firewall. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-4
Setting the NAT Timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-4
Configurable Firewall Filters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-4
Configuring Content Filtering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-6
Configuring Network Address Translation (NAT). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-7
Configuring Static Routes. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-10
Creating User-Defined Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-10
Setting the RIP Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-11
Configuring a Virtual Private Network (VPN) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-12
Creating a VPN Tunnel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-14
Setting Up VPN Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-14
Configuring Manual Key Exchange . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-15
Setting Up Automatic Key Exchange . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-17
Setting Up Internet Key Exchange (IKE) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-18
VPN: Frequently Asked Questions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4-20
Chapter 5. Wireless Configuration
Enabling Wireless LANs (WLANs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-3
Wireless Summary Area. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-3
Access Port Adoption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-4
Configuring Wireless LANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-5
Configuring Wireless LAN Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-6
Selecting the Authentication Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-6
Configuring 802.1x EAP Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-7
Configuring Kerberos Authentication. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-8
Setting the Encryption Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-9
Configuring WEP Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-9
Configuring WPA-TKIP Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-10
Configuring WPA2-CCMP (802.11i) Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-11
KeyGuard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-12
No Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-12
Mobile Unit Access Control List (ACL) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-13
Configuring Access Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-13
Setting Default Access Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-16
Common Settings to All Radio Types . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-16
Radio-Specific Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-19
Advanced Access Port Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-19
Radio Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-20
Antenna Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-21
Advanced Properties . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-21
Quality of Service Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-22
Setting the Bandwidth Share Mode. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-23
Configuring Voice Prioritization and Multicast Address Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-24
Setting Up Port Authentication for AP 300 Access Ports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-24
Rogue Access Point (Port) Detection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-25
Setting Up the Detection Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-26
Defining and Maintaining Approved AP List Rules . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-27
Examine the Approve and Rogue Access Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-27
Setting SNMP Traps for Rogue APs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5-30
TOC-3
Chapter 6. Administrator and User Access
Configuring Administrator Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-2
Selecting the Type of Admin Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-2
Configuring Secure Shell Connection Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-3
Admin Authentication and RADIUS Server Authentication Setup . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-3
Setting Up AirBEAM Software Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-3
Applet Timeout Specification. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-3
Changing the Administrator Password. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-4
Configuring User Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-4
Configuring the RADIUS Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-5
Configuring Lightweight Directory Access Protocol (LDAP) Authentication . . . . . . . . . . . . . . . . . . . . . . . .6-6
Setting Up a Proxy RADIUS Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-7
Managing the Local User Database. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-8
Setting the User Access Policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-10
Managing Digital Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-11
Importing CA Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-11
Creating Self Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6-12
Chapter 7. Switch Administration
Overview of Administration Support . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-3
Restarting the WS 2000 Wireless Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-3
Changing the Name of the Switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-4
Changing the Location and Country Settings of the WS 2000 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-4
Configuring Switch Redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-6
Setting Up Switch Redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-6
Redundancy Operations Status . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-7
Updating the WS 2000 Wireless Switch’s Firmware . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-7
Checking for and Downloading Firmware Updates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-7
WS 2000 Wireless Switch System Reference GuideTOC-4
Performing the Firmware Update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-8
Setting Up DHCP Options for Firmware Upload. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-8
Exporting and Importing Wireless Switch Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-9
To Import or Export Settings to an FTP or TFTP Site . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-10
To Import Settings to a Local File. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-11
To Export Settings to a Local File. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-11
Sample Configuration File . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-11
Configuring SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-19
Setting the SNMP Version Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-20
Setting Up the Access Control List. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-21
Setting the Trap Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-22
Setting the Trap Configuration for SNMP v1/v2c . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-22
Setting the Trap Configuration for SNMP V3. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-23
Selecting Traps. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-23
Setting Rate Traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-26
Specifying a Network Time Protocol (NTP) Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-27
Setting Up and Viewing the System Log . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-28
Viewing the Log on the Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-28
Setting Up a Log Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7-29
Chapter 8. Status & Statistics
WAN Statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-2
Subnet Statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-3
Interfaces . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-5
Wireless LAN Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-6
Displaying WLAN Summary Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-6
Getting Statistics for a Particular WLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-7
General WLAN Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-8
Access Port Statistics. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-9
Access Port Statistics Summary Screen . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-9
Detailed Information About a Particular Access Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-10
General Access Port Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-11
Mobile Unit (MU) Statistics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-13
View Statistics in Graphic Form . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8-14
Chapter 9. WS 2000 Use Cases
Retail Use Case. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-3
A Retail Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-3
The Plan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-3
Contacting the Wireless Switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-4
Entering the Basic System Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-5
Setting Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-6
The IP Address Plan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-7
Configuring POS Subnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-8
Configuring the Printer Subnet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-9
Configuring the Cafe Subnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-11
Configuring the WAN Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-13
Configuring Network Address Translation (NAT). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-14
Inspecting the Firewall . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-16
Configuring the Access Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-16
Setting Access Port Defaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-17
Naming the POS Access Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-18
Configuring the Printer Access Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-19
Configuring the Cafe Access Port. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-20
Associating the Access Ports to the WLANs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-21
Configuring the Cafe WLAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-22
Configuring the Printer WLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-24
Configuring the POS WLAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-26
Configuring Subnet Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-29
Configuring the Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-31
Testing Connections. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-32
Field Office Use Case . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-33
A Field Office Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-33
The Plan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-33
Configuring the System Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-34
Contacting the Wireless Switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-34
Entering the Basic System Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-37
Setting Access Control . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-38
Configuring the LAN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-39
Configuring the Engineering LAN. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-40
Configuring the Sales Subnet. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-42
Configuring the WAN Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-43
Configuring the WAN Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-45
Setting Up Network Address Translation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-45
Confirm Firewall Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-47
Adopting Access Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-47
Configuring the WLANs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-49
Security. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-51
Configuring the Access Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-54
Configuring Subnet Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-59
Configuring the VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-62
Installing the Access Ports and Testing. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9-65
TOC-5
Chapter 10. Command Line Interface Reference
Admin and Common Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-3
WS2000>admin> admin . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-3
WS2000>admin> help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-4
WS2000>admin> passwd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-5
WS2000>admin> quit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-6
WS2000>admin> save . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-7
WS2000>admin> summary . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-8
WS2000>admin> .. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-11
WS2000>admin> / . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-12
Network Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-13
WS2000>admin> network . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-13
WS 2000 Wireless Switch System Reference GuideTOC-6
Network AP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-14
WS2000>admin(network)> ap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-14
WS2000>admin(network.ap)> add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-15
WS2000>admin(network.ap)> copydefaults . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-16
WS2000>admin(network.ap)> delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-17
WS2000>admin(network.ap)> list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-18
WS2000>admin(network.ap)> reset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-19
WS2000>admin(network.ap)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-20
WS2000>admin(network.ap)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-22
Network AP Default Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-24
WS2000>admin(network.ap)> default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-24
WS2000>admin(network.ap.default)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-25
WS2000>admin(network.ap.default)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-27
Network AP Test Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-28
WS2000>admin(network.ap)> test . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-28
WS2000>admin(network.ap.test)> new . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-29
Network DCHP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-30
WS2000>admin(network)> dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-30
WS2000>admin(network.dhcp)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-31
WS2000>admin(network.dhcp)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-32
Network Firewall Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-33
WS2000>admin(network)> fw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-33
WS2000>admin(network.fw)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-34
WS2000>admin(network.fw)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-36
Network Firewall Policy Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-37
WS2000>admin(network.fw)> policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-37
WS2000>admin(network.fw.policy)> import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-38
Network Firewall Policy Inbound Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-39
WS2000>admin(network.fw.policy)> inb . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-39
WS2000>admin(network.fw.policy.inb)> add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-40
WS2000>admin(network.fw.policy.inb)> delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-41
WS2000>admin(network.fw.policy.inb)> insert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-42
WS2000>admin(network.fw.policy.inb)> list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-43
WS2000>admin(network.fw.policy.inb)> move . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-44
WS2000>admin(network.fw.policy.inb)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-45
Network Firewall Policy Outbound Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-46
WS2000>admin(network.fw.policy)> outb . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-46
WS2000>admin(network.fw.policy.outb)> add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-47
WS2000>admin(network.fw.policy.outb)> delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-48
WS2000>admin(network.fw.policy.outb)> insert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-49
WS2000>admin(network.fw.policy.outb)> list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-50
WS2000>admin(network.fw.policy.outb)> move . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-51
WS2000>admin(network.fw.policy.outb)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-52
Network Firewall Submap Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-53
WS2000>admin(network.fw)> submap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-53
WS2000>admin(network.fw.submap)> add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-54
WS2000>admin(network.fw.submap)> delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-55
WS2000>admin(network.fw.submap)> list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-56
WS2000>admin(network.fw.submap)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-57
WS2000>admin(network.fw.submap)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-58
Network LAN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-59
WS2000>admin(network)> lan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-59
WS2000>admin(network.lan)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-60
WS2000>admin(network.lan)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-61
Network LAN DHCP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-62
WS2000>admin(network.lan)> dhcp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-62
WS2000>admin(network.lan.dhcp)> add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-63
WS2000>admin(network.lan.dhcp)> delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-64
WS2000>admin(network.lan.dhcp)> list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-65
WS2000>admin(network.lan.dhcp)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-66
WS2000>admin(network.lan.dhcp)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-67
Network QoS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-68
WS2000>admin(network)> qos . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-68
WS2000>admin(network.qos)> clear . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-69
WS2000>admin(network.qos)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-70
WS2000>admin(network.qos)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-71
Network Router Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-72
WS2000>admin(network)> router . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-72
WS2000>admin(network.router)> add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-73
WS2000>admin(network.router)> delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-74
WS2000>admin(network.router)> list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-75
WS2000>admin(network.router)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-76
WS2000>admin(network.router)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-77
Network VLAN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-78
WS2000>admin(network)> vlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-78
WS2000>admin(network.vlan)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-79
WS2000>admin(network.vlan)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-80
Network VLAN Trunk Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-81
WS2000>admin(network.vlan)> trunk . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-81
WS2000>admin(network.vlan.trunk)> clear . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-82
WS2000>admin(network.vlan.trunk)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-83
WS2000>admin(network.vlan.trunk)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-84
Network WAN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-85
WS2000>admin(network)> wan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-85
WS2000>admin(network.wan)> renew . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-86
WS2000>admin(network.wan)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-87
WS2000>admin(network.wan)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-88
Network WAN App Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-89
WS2000>admin(network.wan)> app . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-89
WS2000>admin(network.wan.app)> addcmd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-90
WS2000>admin(network.wan.app)> delcmd . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-92
WS2000>admin(network.wan.app)> list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-94
Network WAN NAT Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-95
WS2000>admin(network.wan)> nat . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-95
WS2000>admin(network.wan.nat)> add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-96
WS2000>admin(network.wan.nat)> delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-97
TOC-7
WS 2000 Wireless Switch System Reference GuideTOC-8
WS2000>admin(network.wan.nat)> list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-98
WS2000>admin(network.wan.nat)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-99
WS2000>admin(network.wan.nat)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-100
Network WAN VPN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-101
WS2000>admin(network.wan)> vpn . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-101
WS2000>admin(network.wan.vpn)> add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-102
WS2000>admin(network.wan.vpn)> delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-103
WS2000>admin(network.wan.vpn)> ikestate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-104
WS2000>admin(network.wan.vpn)> list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-105
WS2000>admin(network.wan.vpn)> reset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-106
WS2000>admin(network.wan.vpn)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-107
WS2000>admin(network.wan.vpn)> stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-111
Network WAN VPN Cmgr Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-112
WS2000>admin(network.wan.vpn)> cmgr . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-112
WS2000>admin(network.wan.vpn.cmgr)> delca . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-113
WS2000>admin(network.wan.vpn.cmgr)> delprivkey . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-114
WS2000>admin(network.wan.vpn.cmgr)> delself . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-115
WS2000>admin(network.wan.vpn.cmgr)> expcert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-116
WS2000>admin(network.wan.vpn.cmgr)> genreq . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-117
WS2000>admin(network.wan.vpn.cmgr)> impcert . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-118
WS2000>admin(network.wan.vpn.cmgr)> listca . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-119
WS2000>admin(network.wan.vpn.cmgr)> listprivkey . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-120
WS2000>admin(network.wan.vpn.cmgr)> listself . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-121
WS2000>admin(network.wan.vpn.cmgr)> loadca . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-122
WS2000>admin(network.wan.vpn.cmgr)> loadself . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-123
WS2000>admin(network.wan.vpn.cmgr)> showreq . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-124
Network WLAN Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-125
WS2000>admin(network)> wlan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-125
WS2000>admin(network.wlan)> add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-126
WS2000>admin(network.wlan)> delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-127
WS2000>admin(network.wlan)> list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-128
WS2000>admin(network.wlan)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-129
WS2000>admin(network.wlan)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-133
Network WLAN Rogue AP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-135
WS2000>admin(network.wlan)> rogueap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-135
WS2000>admin(network.wlan.rogueap)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-136
WS2000>admin(network.wlan.rogueap)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-137
Network WLAN Rogue AP Approved AP List Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-138
WS2000>admin(network.wlan.rogueap)> approvedlist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-138
WS2000>admin(network.wlan.rogueap.approvedlist)> ageout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-139
WS2000>admin(network.wlan.rogueap.approvedlist)> approve . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-140
WS2000>admin(network.wlan.rogueap.approvedlist)> erase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-141
WS2000>admin(network.wlan.rogueap.approvedlist)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-142
Network WLAN Rogue AP List Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-143
WS2000>admin(network.wlan.rogueap)> roguelist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-143
WS2000>admin(network.wlan.rogueap.roguelist)> ageout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-144
WS2000>admin(network.wlan.rogueap.roguelist)> approve . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-145
WS2000>admin(network.wlan.rogueap.roguelist)> erase . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-146
WS2000>admin(network.wlan.rogueap.roguelist)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-147
Network WLAN Rogue AP Locate Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-148
WS2000>admin(network.wlan.rogueap.roguelist)> locate . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-148
WS2000>admin(network.wlan.rogueap.roguelist.locate)> list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-149
WS2000>admin(network.wlan.rogueap.roguelist.locate)> start . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-150
Network WLAN Rogue AP MU Scan Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-151
WS2000>admin(network.wlan.rogueap.roguelist)> muscan . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-151
WS2000>admin(network.wlan.rogueap.roguelist.muscan)> list . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-152
WS2000>admin(network.wlan.rogueap.roguelist.muscan)> start . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-153
Network WLAN Rogue AP Rule List Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-154
WS2000>admin(network.wlan.rogueap)> rulelist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-154
WS2000>admin(network.wlan.rogueap.rulelist)> add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-155
WS2000>admin(network.wlan.rogueap.rulelist)> authsymbolap . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-156
WS2000>admin(network.wlan.rogueap.rulelist)> delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-157
WS2000>admin(network.wlan.rogueap.rulelist)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-158
Statistics Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-159
WS2000>admin)> stats . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-159
WS2000>admin(stats)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-160
Statistics RF Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-162
WS2000>admin(stats)> rf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-162
WS2000>admin(stats.rf)> reset . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-163
WS2000>admin(stats.rf)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-164
System Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-167
WS2000>admin)> system . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-167
WS2000>admin(system)> lastpw . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-168
System Authentication Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-169
WS2000>admin(system)> authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-169
WS2000>admin(system.authentication)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-170
WS2000>admin(system.authentication)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-171
System Authentication RADIUS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-172
WS2000>admin(system.authentication)> radius . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-172
WS2000>admin(system.authentication.radius)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-173
WS2000>admin(system.authentication.radius)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-174
System Configuration Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-175
WS2000>admin(system)> config . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-175
WS2000>admin(system.config)> default . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-176
WS2000>admin(system.config)> export . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-177
WS2000>admin(system.config)> import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-179
WS2000>admin(system.config)> partial . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-180
WS2000>admin(system.config)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-181
WS2000>admin(system.config)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-182
WS2000>admin(system.config)> update . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-183
System Logs Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-184
WS2000>admin(system)> logs . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-184
WS2000>admin(system.logs)> delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-185
WS2000>admin(system.logs)> send . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-186
WS2000>admin(system.logs)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-187
TOC-9
WS 2000 Wireless Switch System Reference GuideTOC-10
WS2000>admin(system.logs)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-188
WS2000>admin(system.logs)> view . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-189
System NTP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-190
WS2000>admin(system)> ntp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-190
WS2000>admin(system.ntp)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-191
WS2000>admin(system.ntp)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-192
System RADIUS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-193
WS2000>admin(system)> radius . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-193
WS2000>admin(system.radius)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-194
WS2000>admin(system.radius)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-195
System RADIUS Client Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-196
WS2000>admin(system.radius)> client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-196
WS2000>admin(system.radius.client)> add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-197
WS2000>admin(system.radius.client)> del . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-198
WS2000>admin(system.radius.client)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-199
System RADIUS EAP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-200
WS2000>admin(system.radius)> eap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-200
WS2000>admin(system.radius.eap)> import . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-201
WS2000>admin(system.radius.eap)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-202
WS2000>admin(system.radius.eap)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-203
System RADIUS EAP PEAP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-204
WS2000>admin(system.radius.eap)> peap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-204
WS2000>admin(system.radius.eap.peap)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-205
WS2000>admin(system.radius.eap.peap)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-206
System RADIUS EAP TTLS Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-207
WS2000>admin(system.radius.eap)> ttls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-207
WS2000>admin(system.radius.eap.ttls)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-208
WS2000>admin(system.radius.eap.ttls)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-209
System RADIUS LDAP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-210
WS2000>admin(system.radius)> ldap . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-210
WS2000>admin(system.radius.ldap)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-211
WS2000>admin(system.radius.ldap)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-212
System RADIUS Policy Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-213
WS2000>admin(system.radius)> policy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-213
WS2000>admin(system.radius.policy)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-214
WS2000>admin(system.radius.policy)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-215
System RADIUS Proxy Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-216
WS2000>admin(system.radius)> proxy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-216
WS2000>admin(system.radius.proxy)> add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-217
WS2000>admin(system.radius.proxy)> del . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-218
WS2000>admin(system.radius.proxy)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-219
WS2000>admin(system.radius.proxy)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-220
System Redundancy Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-221
WS2000>admin(system)> redundancy . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-221
WS2000>admin(system.redundancy)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-222
WS2000>admin(system.redundancy)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-223
System SSH Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-224
WS2000>admin(system)> ssh . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-224
WS2000>admin(system.ssh)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-225
WS2000>admin(system.ssh)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-226
System SNMP Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-227
WS2000>admin(system)> snmp . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-227
System SNMP Access Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-228
WS2000>admin(system.snmp)> access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-228
WS2000>admin(system.snmp.access)> add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-229
WS2000>admin(system.snmp.access)> delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-231
WS2000>admin(system.snmp.access)> list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-233
WS2000>admin(system.snmp.access)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-234
System SNMP Traps Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-235
WS2000>admin(system.snmp)> traps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-235
WS2000>admin(system.snmp.traps)> add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-236
WS2000>admin(system.snmp.traps)> delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-238
WS2000>admin(system.snmp.traps)> list . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-239
WS2000>admin(system.snmp.traps)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-240
WS2000>admin(system.snmp.traps)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-243
System User Database Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-246
WS2000>admin(system)> userdb . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-246
System User Database Group Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-247
WS2000>admin(system.userdb)> group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-247
WS2000>admin(system.userdb.group)> add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-248
WS2000>admin(system.userdb.group)> create . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-249
WS2000>admin(system.userdb.group)> delete . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-250
WS2000>admin(system.userdb.group)> remove . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-251
WS2000>admin(system.userdb.group)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-252
System User Database User Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-253
WS2000>admin(system.userdb)> user . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-253
WS2000>admin(system.userdb.user)> add . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-254
WS2000>admin(system.userdb.user)> del . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-255
WS2000>admin(system.userdb.user)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-256
WS2000>admin(system.userdb.user)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-257
System WS2000 Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-258
WS2000>admin(system)> ws2000) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-258
WS2000>admin(system.ws2000)> restart . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-259
WS2000>admin(system.ws2000)> set . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-260
WS2000>admin(system.ws2000)> show . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .10-262
TOC-11
WS 2000 Wireless Switch System Reference GuideTOC-12
1
Product Overview
WS 2000 Wireless Switch System Reference Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-2
About this Document . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-2
Document Conventions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
Management of Access Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-3
Hardware Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4
Technical Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-4
WS 2000 Wireless Switch LED Functions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5
Software Overview. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-6
Operating System (OS) Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1-6
Cell Controller Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-6
Gateway Services . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-6
WS 2000 Wireless Switch System Reference Guide1-2
WS 2000 Wireless Switch System Reference Guide
This guide is intended to support administrators responsible for understanding, configuring and maintaining the Wireless
Switch. This document provides information for the system administrator to use during the initial setup and configuration of
the system. It also serves as a reference guide for the administrator to use while updating or maintaining the system.
About this Document
We recommend viewing this online system reference guide with Internet Explorer 5.0 and higher or Netscape Navigator 4.7
or higher on a Microsoft Windows based PC. Viewing this document under other configurations may produce undesirable
results.
Document Conventions
Notes Notes are displayed in blue text and indicate a tip or requirement.
GUI Screen Text Indicates monitor screen dialog/output from the graphical user interface accessed from any web
browser on the network.
System Overview
The WS 2000 Wireless Switch provides a low-cost, feature-rich option for sites with one to six Access Ports. The WS 2000 Wireless Switch works at the center of a network’s infrastructure to seamlessly and securely combine wireless LANs (WLANs) and wired networks. The switch sits on the network. Wireless Access Ports connect to one of the six available ports on the switch and the external wired network (WAN) connects to a single 10/100 Mbit/sec. WAN port.
Mobile units (MUs) associate with the switch via an Access Port. When an MU contacts the switch, the switch cell controller services attempt to authenticate the device for access to the network.
The WS 2000 Wireless Switch acts as a WAN/LAN gateway and a wired/wireless switch.
Management of Access Ports
This wireless switch provides six 10/100 Mbit/sec. LAN ports for internal wired or wireless traffic. Four of these ports provide IEEE 802.3af-compliant Power over Ethernet (PoE) support for devices that require power from the Ethernet connection (such as Access Ports). Administrators can configure the six ports to communicate with a private LAN or with an Access Port for a wireless LAN (WLAN). The switch provides up to four extended service set identifiers (ESSIDs) for each Access Port connected to the switch.
Product Overview 1-3
Firewall Security
The LAN and Access Ports are placed behind a user-configurable firewall that provides stateful packet inspection. The wireless switch performs network address translation (NAT) on packets passing to and from the WAN port. This combination provides enhanced security by monitoring communication with the wired network.
Wireless LAN (WLAN) Security
Administrators can configure security settings independently for each ESSID. Security settings and protocols available with this switch include:
Kerberos
•WEP-40
WEP-128
802.1x with RADIUS
802.1x with Shared Key
•KeyGuard
•WPA
WPA2/CCMP
VPN Security
Virtual Private Networks (VPNs) are IP-based networks that use encryption and tunneling to give users remote access to a secure LAN. In essence, the trust relationship is extended from one LAN across the public network to another LAN, without sacrificing security. A VPN behaves similarly to a private network; however, because the data travels through the public network, it needs several layers of security. The WS 2000 Wireless Switch acts as a robust VPN gateway.
WS 2000 Wireless Switch System Reference Guide1-4
Hardware Overview
The WS 2000 Wireless Switch provides a fully integrated solution for managing every aspect of connecting wireless LANs
(WLANs) to a wired network. This wireless switch can connect directly to a cable or DSL modem, and can also connect to
other wide area networks through a Layer 2/3 device (such as a switch or router). The switch includes the following features:
One WAN (RJ-45) port for connection to a DSL modem, cable modem, or any other Layer 2/3 network device.
Six 10/100 Mbit/sec. LAN (RJ-45) ports: four ports provide 802.3af “Power over Ethernet” (PoE) support; the other two do not provide power.
Each port has two LEDs, one indicating the speed of the transmission (10 or 100 Mbit/sec.), the other indicating whether there is activity on the port. The four LAN ports with PoE have a third LED that indicates whether power is being delivered over the line to a power device (such as an Access Port). (See the WS 2000 Wireless Switch LED explanation for more information on the meaning of the different state of the LEDs.)
A DB-9 serial port for direct access to the command-line interface from a PC. Use Symbol’s Null-Modem cable (Part No. 25-632878-0) for the best fitting connection.
A CompactFlash slot that provides AirBEAM
Technical Specifications
®
support.
Physical Specifications
Width: 203 mm
Height: 38 mm
Depth: 286 mm
Weight: 0.64 kg
Power Specifications
Maximum Power Consumption: 90-256 VAC, 47-63 Hz, 3A
Operating Voltage: 48 VDC
Operating Current: 1A
Peak Current: 1.6A
Environmental Specifications
Operating Temperature: 0ºC to 40ºC
Storage Temperature: -40ºC to 70ºC
Operating Humidity: 10% to 85% Non-condensing
Storage Humidity: 10% to 85% Non-condensing
Operating Altitude: 2.4 km
Storage Altitude: 4.6 km
WS 2000 Wireless Switch LED Functions
The switch has a large blue LED on the right front that indicates that the switch is powered on.
Each port on the WS 2000 Wireless Switch has either two or three LEDs that indicate the status of the port. Ports 1-4, which supply 802.3af Power over Ethernet (PoE), have three LEDs. The remaining two non-powered LAN ports and the WAN port have two LEDs.
Location Function
Upper left LED This LED is present on all ports and indicates the speed of the transmissions through the
port. The LED is on when the transmission rate is 100 Mbit per second (100BaseT). The light is off when the transmission rate is 10 Mbit per second.
Upper right LED This LED indicates activity on the port. This light is solid yellow when a link to a device is
made. The light flashes when traffic is being transferred over the line.
Lower LED This LED is only present on Ports 1-4. These ports provide 802.3af Power over Ethernet
(PoE) support to devices (such as Access Ports). The LED has several states: OFF—A non-power device (or no device) is connected; no power is being delivered. GREEN—The switch is delivering 48 volts to the power device connected to that port. RED—There was a valid PoE connection; however, the switch has detected that the power
device is faulty. The red light will remain until a non-faulty connection is made to the port.
Product Overview 1-5
WS 2000 Wireless Switch System Reference Guide1-6
Software Overview
The WS 2000 Wireless Switch software provides a fully integrated solution for managing every aspect of connecting Wireless LANs (WLANs) to a wired network, and includes the following components:
Operating System (OS) Services
Operating System (OS) Services determine how the WS 2000 Wireless Switch communicates with existing network and operating system-centric software services, including:
Dynamic Host Configuration Protocol (DHCP)
Telnet and File Transfer Protocol (FTP/TFTP) servers
The Simple Network Time Protocol (SNTP) client, used to keep switch time synchronized for Kerberos authentication
A mechanism for setting up a redundant (secondary) switch that takes over if the primary switch fails
Cell Controller Services
The Cell Controller provides the ongoing communication between mobile units (MUs) on the Wireless LAN (WLAN) and the wired network. Cell Controller services perform the following:
Initialize the Access Ports
Maintain contact with Access Ports by sending a synchronized electronic “heartbeat” at regular intervals
Track MUs when they roam from one location to another
Manage security schemes based on system configuration
Maintain system statistics
Store policies and Access Port information
Detect and manage rogue Access Ports
Management of communications QoS
Gateway Services
Gateway services provide interconnectivity between the Cell Controller and the wired network, and include the following:
System management through a Web-based Graphical User Interface (GUI) and SNMP
802.1x RADIUS client
Security, including Secure Sockets Layer (SSL) and Firewall
Network Address Translation (NAT), DHCP services, and Layer 3 Routing
Virtual Private Network (VPN)
2
Getting Started
Getting Started with the WS 2000 Wireless Switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-2
Step 1: Install the Switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-2
Step 2: Set Up Administrative Communication to the Switch. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-2
Step 3: Set the Basic Switch Setting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-4
Step 3: Set the Basic Switch Setting. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-4
Step 4: Configure the LAN Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5
Enable Subnet1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-5
Step 5: Configure Subnet1 . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6
Step 6: Configure the WAN Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-6
Communicating with the Outside World . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-7
Setting Up Point-to-Point over Ethernet (PPPoE) Communication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-8
Step 7: Enable Wireless LANs (WLANs) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-8
Wireless Summary Area . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-9
Step 8: Configure WLAN Security . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-9
Setting the Authentication Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-10
Setting the Encryption Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-10
Mobile Unit Access Control List (ACL). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-11
Step 9: Test Connectivity . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2-11
Where to Go from Here? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2-12
WS 2000 Wireless Switch System Reference Guide2-2
Getting Started with the WS 2000 Wireless Switch
This section provides just enough instruction to set up the WS 2000 Wireless Switch, connect an Access Port, and test communications with a single mobile unit (MU) and the wide area network (WAN). The configuration suggestions made here are just the minimum needed to test the hardware. Once finished with this section, additional configuration settings are required. This section covers the following topics:
Step 1: Install the switch and connect it to the WAN, a standalone computer, and an Access Port
Step 2: Set up administrative communication to the switch
Step 3: Set the basic switch settings
Step 4: Configure the LAN interface
Step 1: Install the Switch
To install the WS 2000 Wireless Switch hardware, follow the directions in the WS 2000 Wireless Switch Quick Installation Guide found in the box with the switch and on the CD-ROM that is distributed with the switch. These instructions describe
how to:
Select a site (desk, wall, or rack) for the switch
Install the switch using the appropriate accessories for the selected location
Connect devices to WAN and LAN ports (using standard CAT-5 cables)
Interpret the port LEDs on the front of the switch
After the switch is mounted and powered up, connect the following items to the switch:
1. Connect the WAN to the switch (using the WAN port) with a CAT-5 Ethernet cable. The LEDs for that port should start to flash.
Step 5: Configure Subnet1
Step 6: Configure the WAN Interface
Step 7: Enable Wireless LANs (WLANs)
Step 8: Configure WLAN Security
Step 9: Test Connectivity
2. Connect an Access Port to the switch using a CAT-5 Ethernet cable using one of the six LAN ports. If the Access Port requires PPPoE, connect the Access Port in ports 1, 2, 3, or 4. Ports 5 and 6 do not provide power.
3. Have a mobile “wireless” device available to test communication with the Access Port.
Access Ports must be connected to the LAN ports of the wir eless switc h to enable co nfigurati on of the Access Port related settings.
Step 2: Set Up Administrative Communication to the Switch
Before the configuration process can begin, establish a link with the wireless switch.
1. Connect a “wired” computer to the switch (in any one of the available LAN ports) using a standard CAT-5 cable.
2. Set up the computer for TCP/IP DHCP network addressing and make sure that the DNS settings are not hardcoded.
3. Start up Internet Explorer (with Sun Micro systems’ Java Runtime Environment (JRE) 1.4 or higher installed) and type the following IP address in the address field: 192.168.0.1
For optimum compatibility use Sun Microsystems’ JRE 1.4 or higher (available from Sun’s website), and be sure to disable Microsoft’s Java Virtual Machine if it is installed.
The following screen is displayed.
Getting Started 2-3
4. Log in using “admin” as the User ID and “symbol” as the Password.
5. If the login is successful, the following dialog window is displayed.
Enter a new admin password in both fields, and click the Update Password Now button. When the admin password has been updated, the System Settings screen is displayed.
WS 2000 Wireless Switch System Reference Guide2-4
Step 3: Set the Basic Switch Setting
1. Enter a System Name for the wireless switch. The specified name appears in the lower-left corner of the configuration screens, beneath the navigation tree. This name can be a useful reminder if multiple Symbol wireless switches are being administered.
2. Enter a text description of the location of the switch in the System Location field. This text is used as a reminder to the network administrator and is also used to set the location variable if the switch is administered using SNMP.
3. Enter an email address for the administrator in the Admin Email Address field. The switch uses this address for sending SNMP-related and other administration-related messages to the administrator.
4. Select the Country for the switch from the drop-down menu. Selecting the correct country is extremely important. Each country has its own regulatory restrictions concerning electromagnetic emissions and the maximum RF signal strength that can be transmitted by Access Ports. To ensure compliance with national and local laws, be sure to set this field accurately.
5. Click Apply to save changes. Unapplied changes are lost if the administrator navigates to a different screen.
The WS 2000 switch is shipped with an open default SNMP configuration: Community: public, OID: 1.3.6.1, Access: Read-only Community: private, OID: 1.3.6.1, Access: Read-write
If your switch has these settings, it is important to change them immediately; otherwise, users on the same network will have read-write access to the switch through the SNMP interface. Select System Configuration --> SNMP Access from the left menu to examine the settings and change them, if neces sary.
Step 4: Configure the LAN Interface
The first step of network configuration process is to figure out the topology of the LAN. The WS 2000 Wireless Switch allows the administrator to enable and configure four different subnets. The administrator can assign an IP address, port associations, and DHCP settings for each subnet.
Enable Subnet1
Select LAN under the Network Configuration group from the left menu. Use the LAN configuration screen to view a summary of physical-port addresses and wireless LANs (WLANs) associated with the four supported subnets, and to enable or disable each configured subnet.
Getting Started 2-5
1. In the LAN screen, the administrator can enable up to four subnets. Make sure that the checkbox to the left of the
Subnet1 line is enabled.
Each enabled subnet shows up in the directory tree in the left column of the configuration screens. Consider disabling a previously configured subnet if its assigned ports are no longer in use, or to consolidate the LAN’s communications on fewer subnets.
The rest of the information on this screen is summary information; it is collected from other screens (such as the subnet configuration screens) where the administrator can set the data.
Network
Address
Interfaces
Network (subnet) name is a descriptive string that should describe the subnet’s function. The WS 2000 Network Management
System uses subnet names throughout the configurations screens.
This IP address allows users from outside the subnet (whether from the WAN or from another subnet from the same switch) to access the right subnet. An IP address uses a series of four numbers that are expressed in dot notation, for example, 194.182.1.1.
The Interfaces field displays which of the six physical LAN ports are associated with the subnet. The possible ports are: P1 (port
1), P2, P3, P4, P5, and P6 (from left to right facing the front of the switch). The administrator assigns a port to a subnet to enable access to the device(s) connected to that port. The administrator can assign a port to only one subnet.
The Interfaces field also lists the WLANs that are associated with the subnet.
WS 2000 Wireless Switch System Reference Guide2-6
Step 5: Configure Subnet1
The WS 2000 Network Management System allows the administrator to define and refine the configuration of the enabled subnets. Each of four subnets (short for “subnetworks”) can be configured as an identifiably separate part of the switch­managed local area network (LAN). Each subnet can include some combination of assigned ports and associated wireless LANs (WLANs).
1. Select Network Configuration --> LAN --> Subnet1 from the list on the left. The following screen appears for the selected subnet.
2. Check to make sure that all the ports and WLAN1 are selected for this subnet. WLAN1 should automatically be included if the switch and the Access Port are communicating properly. If WLAN1 is not present in the list, check the following:
• The power to the Access Port
• The connections between the switch and the Access Port
• The LEDs to make sure that lights are on and flashing
3. For this initial configuration, ensure that This interface is a DHCP Server is enabled. If so, the switch sets the IP addresses automatically for the mobile devices. This value can be changed at any time in the future. All other default settings are fine for the system test.
DHCP is a protocol that includes mechanisms for IP address allocation and delivery of host-specific configuration parameters from a DHCP server to a host. Some of these parameters are IP address, network mask, and gateway. The switch includes internal DHCP server and client features, and the subnet’s interface can use either capability.
4. Click the Apply button to save changes.
Step 6: Configure the WAN Interface
A wide area network (WAN) is a widely dispersed telecommunications network. In a corporate environment, the WAN port might connect to a larger corporate network. For a small business, the WAN port might connect to a DSL or cable modem to access the Internet.
Getting Started 2-7
The WS 2000 Wireless Switch includes one WAN port. In order to set up communications with the outside world, select
Network Configuration --> WAN from the left menu. The following WAN configuration page appears.
Communicating with the Outside World
1. Click the Enable WAN Interface checkbox to enable a connection between the switch and a larger network or the
outside world through the WAN port.
2. If this switch should be a DHCP client (get its IP address automatically from another server or switch), check the This
interface is a DHCP Client checkbox. If This interface is DHCP Client is checked, the switch is limited to one WAN
IP address. This choice is required when:
• The host router or switch on the WAN is communicating with the WS 2000 Wireless Switch using DHCP.
• The switch is interfacing with an Internet Service Provider (ISP) that uses DHCP addressing.
This setting is independent from the DHCP settings for the switch’s internal subnets.
3. If This interface is DHCP Client is not checked, fill in the information in this area. To find out the information to enter
into these fields, contact the network administrator or the ISP that provided the cable modem or DSL router. All the fields below take standard IP addresses of the form xxx.xxx.xxx.xxx.
• The IP Address refers to the IP address that the outside world uses to address the WS 2000 Wireless Switch.
• Click the More IP Addresses button to specify additional static IP addresses for the switch. Additional IP
addresses are required when users within the LAN need dedicated IP addresses, or when servers in the LAN need to be accessed (addressed) by the outside world. The pop-up window allows the administrator to enter up to eight WAN IP addresses for the switch.
• The Subnet Mask is the mask used for the WAN.
• The Default Gateway is the address of the device that provides the connection to the WAN (often a cable modem
or DSL router).
WS 2000 Wireless Switch System Reference Guide2-8
• The two DNS Server fields specify DNS addresses of servers that can translate domain names, such as
www.symbol.com, into IP addresses that the network uses when passing information. The Secondary DNS Server acts as a backup to the Primary DNS Server when the primary server is not responding.
Setting Up Point-to-Point over Ethernet (PPPoE) Communication
PPPoE provides the ability to connect a network of hosts through a simple device to a remote access concentrator. Many DSL providers require that their clients communicate using this protocol. The facility allows the ISP to control access, billing, and type of service provided to clients on a per-user or per-site basis. Check with the network administrator or ISP to determine whether to enable this feature, and, if so, find out the username and password required for authentication.
1. Check Enable in the PPP over Ethernet area to enable the PPPoE protocol for high-speed connections.
2. Enter the Username and Password required for authentication. The username and password are for the switch’s router to use when connecting to the ISP. When the Internet session starts, the ISP authenticates the username.
3. Set the Idle Time to an appropriate number. This number is the amount of time the PPPoE connection will be idle before it disconnects. The 10000 second (default idle time is appropriate for most situations).
4. Check Keep Alive to instruct the switch to continue occasional communications over the WAN even when client communications to the WAN are idle. Some ISPs terminate inactive connections, while others do not. In either case, enabling Keep-Alive mode keeps the switch’s WAN connection alive, even when there is no traffic. If the ISP drops the connection after so much idle time, the switch automatically reestablishes the connection to the ISP.
5. Select the appropriate WAN authentication method from the drop-down menu. Collect this information from the network administrator. Select between None, PAP, CHAP, or PAP or CHAP.
CHAP
PAP
A type of authentication in which the person logging in uses secret information and some special mathematical operations to come up with a number value. The server the person is logging into knows the same secret value and performs the same mathematical operations. If the results match, the person is authorized to access the server. One of the numbers in the mathematical operation is changed after every log-in, to protect against an intruder secretly copying a valid authentication session and replaying it later to log in.
An identity verification method used to send a username and password over a network to a computer that compares the username and password to a table listing authorized users. This method of authentication is less secure, because the username and password travel as clear text that a hacker could read.
6. Click the Apply button to save changes.
Step 7: Enable Wireless LANs (WLANs)
The WS 2000 Wireless Switch works either in a wired or wireless environment; however, the power of the switch is associated with its support of wireless networks. In order to use the wireless features of the switch, the administrator needs to enable up to four wireless LANs (WLANs).
To start the WLAN configuration process, select the Network Configuration --> Wireless item from the left menu. The following Wireless summary screen appears.
Getting Started 2-9
Wireless Summary Area
The top portion of the window displays a summary of the WLANs that are currently defined. This is the screen in which the administrator can enable or disable a WLAN. At first, four WLANs are listed WLAN1, WLAN2, WLAN3, and WLAN4; however, only WLAN1 is enabled.
1. Verify that WLAN1 is enabled (checked) and associated with Subnet1.
2. Verify that Access Port 1 is shown in the Access Ports Adopted field to the right. If it is not, verify the connection
between the switch and the Access Port.
The current settings for the associated Subnet and adopted Access Ports are displayed on this screen; however, the screen associated with each WLAN (under Network Configuration --> Wireless) is where the settings and rules for adopting Access Ports can be modified.
Use the Access Port Adoption area to assign Access Ports to a particular WLAN. The switch can adopt up to six Access Ports at a time, but the list of allowed Access Port addresses (displayed in this area) can exceed six in number. A dual-radio
802.11a/b Access Port counts as one Access Port with respect to the maximum allowed; however, each radio is listed as a separate Access Port.
This adoption list identifies each Access Port by its Media Access Control (MAC) address. This address is the Access Port’s hard-coded hardware number that is printed on the bottom of the device. An example of a MAC address is 00:09:5B:45:9B:07.
The default setting associates all adopted Access Ports with WLAN1.
Step 8: Configure WLAN Security
In the previous step, the administrator set parameters for each WLAN that fine tune the performance of the WLAN. In addition, the administrator can set the type and level of security for each WLAN. These security measures do not control communications from the WAN; instead, they control communication from the clients within the WLAN.
WS 2000 Wireless Switch System Reference Guide2-10
In the Network Configuration --> Wireless --> <WLAN name> --> <WLAN Name> --> Security screen, the administrator can set the user authentication method and the encryption method, as well as define a set of rules that control which MUs can communicate through the WLAN.
Setting the Authentication Method
The authentication method sets a challenge-response procedure for validating user credentials such as username, password, and sometimes secret-key information. The WS 2000 Wireless Switch provides two methods for authenticating users: 802.1x EAP and Kerberos. The administrator can select between these two methods. For testing connectivity, WLAN security is not an issue, so there is not reason to enable authentication—the default setting (No Authentication) is sufficient.
Setting the Encryption Method
Encryption applies a specific algorithm to data to alter its appearance and prevent unauthorized reading. Decryption applies the algorithm in reverse to restore the data to its original form. Sender and receiver employ the same encryption/decryption method.
Wired Equivalent Privacy (WEP) is a security protocol specified in the IEEE Wireless Fidelity (Wi-Fi) standard, 802.11b. WEP is designed to provide a WLAN with a level of security and privacy comparable to that of a wired LAN. WEP might be all that a small-business user needs for the simple encryption of wireless data. However, networks that require more security are at risk from a WEP flaw. An unauthorized person with a sniffing tool can monitor a network for less than a day and decode its encrypted messages.
For the connectivity test, set WEP 128 encryption. This ensures that communications with the switch are secure enough for this stage. Later on, increasing the security level might be necessary.
1. Select the WEP 128 (104-bit key) option.
2. To use WEP encryption with the No Authentication selection, click the WEP Key Settings button to display a sub­screen for entering keys.
Loading...
+ 464 hidden pages
Buy Points How it Works FAQ Contact Us Questions and Suggestions Privacy Policy Cookie Policy Terms of Use